unlink() (PHP) on Windows Server - Inconsistent File Permissions

Alimon · 8th August 2012, 4:47 PM

Hi All - long shot here, but thought I'd see if anyone had something on this.

I am having an issue whereby the PHP function unlink() is being able to successfully delete a file even though explicit deny NTFS permissions have been applied to the file in question. I have even tried removing all NTFS file permissions and the like - same outcome and it has me stumped.

FACTS

I have Apache 2.2.22 running PHP 5.4.5 on Windows Server 2008 R2
Apache/PHP are running under user EXODUS\wwwuser, proven by response to 'whoami' at command line from running PHP script - eg:
echo exec('whoami'); returns 'EXODUS\wwwuser'
The file 'deleteme.txt' is created by a member of the 'BUILTIN\Administrators' group, explicity deny permissions are applied to the file for EXODUS\wwwuser - however, PHP's unlink() function successfully deletes the file
I have tried this same thing by removing permission inheritance on this file, removing all permissions (including SYSTEM), and applying explicit deny 'FULL CONTROL' to EXODUS\wwwuser - guess what, unlink() still deletes the file...
EXODUS\wwwuser is a member of BUILTIN\Users, however this doesn't indicate that this would impact the situation.
File cannot be deleted by EXODUS\wwwuser when logged in interactively.
When files are written by PHP, file owner is 'EXODUS\wwwuser'

Does anyone have any thoughts on this?

How would I go about providing folders/files that cannot be deleted in a location via PHP's unlink() that are inside a defined 'open_basedir' area?

I'm using 'open_basedir' to stop scripts tampering with files outside of the declared open_basedir - this seems to be working fine - eg: can't delete files that are outside the location defined by 'open_basedir'.

I'm going to cross-post this on Whirlpool and Web Hosting Talk with hope of answers on this one.

Thanks in advance - look forward to some replies

phreeky82 · 9th August 2012, 10:33 AM

Are you setting the permissions of the file, or the folder that contains the file?

Zoltag · 9th August 2012, 9:39 PM

Check it out:

https://bugs.php.net/bug.php?id=10345

Quote:

This is not a bug but how the filesystem works. Permissions for erasing a file is according to the permissions on the directory and not the file.

Alimon · 11th August 2012, 9:48 PM

Zoltag, thanks for the reply - this seems to most likely be it, however I would have thought that even if the file in a containing directory has permission inheritance disabled and explicit deny permissions on delete for the file in question, for the user attempting to unlink/delete the file that it would fail...

More testing is required and i'll check in here when I have more.

I'm going to setup auditing on the file and folder and see what is actually happening.

8th August 2012, 4:47 PM	#1
Alimon Member Join Date: Jan 2004 Location: Melbourne Posts: 12	unlink() (PHP) on Windows Server - Inconsistent File Permissions Hi All - long shot here, but thought I'd see if anyone had something on this. I am having an issue whereby the PHP function unlink() is being able to successfully delete a file even though explicit deny NTFS permissions have been applied to the file in question. I have even tried removing all NTFS file permissions and the like - same outcome and it has me stumped. FACTS I have Apache 2.2.22 running PHP 5.4.5 on Windows Server 2008 R2 Apache/PHP are running under user EXODUS\wwwuser, proven by response to 'whoami' at command line from running PHP script - eg: echo exec('whoami'); returns 'EXODUS\wwwuser' The file 'deleteme.txt' is created by a member of the 'BUILTIN\Administrators' group, explicity deny permissions are applied to the file for EXODUS\wwwuser - however, PHP's unlink() function successfully deletes the file I have tried this same thing by removing permission inheritance on this file, removing all permissions (including SYSTEM), and applying explicit deny 'FULL CONTROL' to EXODUS\wwwuser - guess what, unlink() still deletes the file... EXODUS\wwwuser is a member of BUILTIN\Users, however this doesn't indicate that this would impact the situation. File cannot be deleted by EXODUS\wwwuser when logged in interactively. When files are written by PHP, file owner is 'EXODUS\wwwuser' Does anyone have any thoughts on this? How would I go about providing folders/files that cannot be deleted in a location via PHP's unlink() that are inside a defined 'open_basedir' area? I'm using 'open_basedir' to stop scripts tampering with files outside of the declared open_basedir - this seems to be working fine - eg: can't delete files that are outside the location defined by 'open_basedir'. I'm going to cross-post this on Whirlpool and Web Hosting Talk with hope of answers on this one. Thanks in advance - look forward to some replies

9th August 2012, 10:33 AM	#2
phreeky82 Member Join Date: Dec 2002 Location: Townsville Posts: 9,104	Are you setting the permissions of the file, or the folder that contains the file? __________________ Successful trades: eyusuf, andy8, stuartl, michaeliam, theDarkHorse, bob

11th August 2012, 9:48 PM	#4
Alimon Member Join Date: Jan 2004 Location: Melbourne Posts: 12	Zoltag, thanks for the reply - this seems to most likely be it, however I would have thought that even if the file in a containing directory has permission inheritance disabled and explicit deny permissions on delete for the file in question, for the user attempting to unlink/delete the file that it would fail... More testing is required and i'll check in here when I have more. I'm going to setup auditing on the file and folder and see what is actually happening.